A security research team at the major crypto exchange Bybit has identified 16 blockchain networks that are technically capable of freezing or restricting user funds.
Bybit’s Lazarus Security Lab on Tuesday released a report examining the impact of the fund freezing ability across multiple blockchains, analyzing a total of 166 networks.
Using AI-driven analysis combined with manual review, the Bybit security team found that networks like Binance-backed BNB Chain are hardcoded with freezing functions.
The analysts also reported that the Cosmos chain is among 19 networks that could potentially introduce the freezing capability with “relatively minor protocol changes.”
Three main freezing mechanisms
Among the 16 blockchain networks, Bybit’s Lazarus Security Lab found three distinct mechanisms for freezing funds at the protocol level.
These mechanisms include a hardcoded freezing method or public blacklist, a configuration file-based freezing method or private blacklist, and an onchain smart contract-based freezing method.
According to the report, 10 out of 16 blockchains capable of freezing funds can use config-based freezing, which is managed through local configuration files such as YAML, ENV or TOML. These files are typically accessible only to validators, the foundation and core developers.
In the config-based freezing category, Bybit’s security team mentioned the layer-1 blockchains Aptos, Eos and Sui.
Among the five blockchains with freezing capabilities embedded directly in their source code, Bybit analysts identified BNB Chain, VeChain, Chiliz, Viction and XinFin’s XDC Network. The report referenced the networks’ GitHub repositories to highlight their hardcoded freezing features.
The Heco chain, also known as the Huobi Eco Chain, is the only blockchain to manage a blacklist through an onchain smart contract, the report claimed.
Addressing the 19 blockchains that could potentially introduce fund freezing mechanisms, Bybit’s security team paid specific attention to module accounts in the Cosmos ecosystem.
Related: Argentina turns up the heat in Libra scandal with sweeping asset freeze
Unlike regular user accounts, module accounts are controlled by module logic rather than private keys, potentially allowing for the restriction of transactions.
“This function could, in theory, be modified in the future to add a hacker’s address, but so far none of the blockchains in the Cosmos ecosystem have used it in this way,” the report stated, adding:
“Implementing such a change would require a hard fork along with minor adjustments — likely in the anteHandler file — or additional code modifications.”
Bybit’s researchers warned that the presence of these mechanisms, even when intended to prevent theft or hacks, raises deeper concerns about censorship and centralized control in blockchain systems.
Related: Bybit hack: ‘Reckoning’ that led SafeWallet to rearchitect its systems
The findings add to the growing debate about whether “decentralized” networks remain so in practice, as more projects integrate emergency controls, compliance modules, and admin-level privileges that blur the line between security and centralization.
The report came months after Bybit suffered a $1.5 billion cold wallet hack, one of the largest security incidents the crypto industry has ever seen. With coordinated efforts of partners like Circle, Tether, THORchain and Bitget, the community managed to freeze $42.9 million of exploited funds, while mETH Protocol even recovered cmETH tokens worth nearly $43 million.
Magazine: Philippines blockchain bill to battle corruption, crypto KOLs charged: Asia Express
